[Winpcap-users] Query
Babur Khan
bc201078 at mail.ulhr.edu.pk
Thu Jul 28 12:44:36 GMT 2005
hi,
i have made a driver which encrypts/decrypts incoming/outgoing ip packets, i
used windows NDIS to build the driver and have implemented IPsec with SHA1
for authentication and AES for encyrption/decryption.The driver is working at
the Data Link Layer.The Problem is that when i tried to capture packets with
Ethereal 0.10.11 with WinPcap 3.0 (i sent meaages several times like 'net
send computer2 what is your name?') i been to able to seen the data field as
plain text.
I Asked ethreal users about this, they replied:
If the packets you're capturing are being sent by or received by the
machine running Ethereal, then the problem is probably that WinPcap
connects to the network interface at a layer that lets it see outgoing
packets before they're encrypted and see incoming packets after they're
decrypted. I'm not an expert in NDIS; you might want to ask the WinPcap
developers about this.
------- End of Message -------
I hope to get a reply soon.
Babur Khan
Babur Khan
More information about the Winpcap-users
mailing list